bouncer/internal/proxy/director/layer/authn/oidc/client_options.go

86 lines
1.7 KiB
Go
Raw Permalink Normal View History

package oidc
import (
"context"
"net/http"
"github.com/coreos/go-oidc/v3/oidc"
)
type ClientOptions struct {
Provider *oidc.Provider
ClientID string
ClientSecret string
RedirectURL string
Scopes []string
AuthParams map[string]string
SkipIssuerCheck bool
HTTPClient *http.Client
}
type ClientOptionFunc func(*ClientOptions)
func WithRedirectURL(url string) ClientOptionFunc {
return func(opt *ClientOptions) {
opt.RedirectURL = url
}
}
func WithCredentials(clientID, clientSecret string) ClientOptionFunc {
return func(opt *ClientOptions) {
opt.ClientID = clientID
opt.ClientSecret = clientSecret
}
}
func WithScopes(scopes ...string) ClientOptionFunc {
return func(opt *ClientOptions) {
opt.Scopes = scopes
}
}
func WithAuthParams(params map[string]string) ClientOptionFunc {
return func(opt *ClientOptions) {
opt.AuthParams = params
}
}
func WithSkipIssuerCheck(skip bool) ClientOptionFunc {
return func(opt *ClientOptions) {
opt.SkipIssuerCheck = skip
}
}
func NewProvider(ctx context.Context, issuer string, skipIssuerVerification bool) (*oidc.Provider, error) {
if skipIssuerVerification {
ctx = oidc.InsecureIssuerURLContext(ctx, issuer)
}
return oidc.NewProvider(ctx, issuer)
}
func WithProvider(provider *oidc.Provider) ClientOptionFunc {
return func(opt *ClientOptions) {
opt.Provider = provider
}
}
func WithHTTPClient(client *http.Client) ClientOptionFunc {
return func(opt *ClientOptions) {
opt.HTTPClient = client
}
}
func NewClientOptions(funcs ...ClientOptionFunc) *ClientOptions {
opt := &ClientOptions{
Scopes: []string{oidc.ScopeOpenID, "profile"},
HTTPClient: http.DefaultClient,
}
for _, f := range funcs {
f(opt)
}
return opt
}